Commit Graph

870 Commits (ffee4edcf5bca4ee6fc73113dc48e06c2ddfb63f)

Author SHA1 Message Date
Chris Conlon be65f5d518 update FSF address, wolfSSL copyright 2014-04-11 15:58:58 -06:00
John Safranek 421c08fc61 Merge branch 'frankencert' 2014-04-11 10:01:03 -07:00
Takashi Kojo b712380a60 Sync MDK5 Software Pack with 2.9.4 2014-04-11 16:20:12 +09:00
John Safranek e79ce42ef4 Added checking of the key usage and extended key usage extensions in the
certificates.
2014-04-10 16:50:14 -07:00
toddouska b59b3d7c36 remove unused blake2b helper f()s 2014-04-07 11:35:13 -07:00
toddouska 5a70aba3bc fix InitSha 2014-04-04 15:37:04 -07:00
toddouska 562b017776 user settings, custom rand gen, by tyto diff 2014-04-04 15:10:08 -07:00
Chris Conlon c4f483aaa2 Fix order of GenerateSeed() when MQX is used with leanPSK 2014-04-04 12:37:22 -06:00
toddouska 6504d605a0 fix des malloc cast 2014-04-01 14:02:36 -07:00
toddouska c210600d93 RSA fips mode 2014-04-01 13:08:48 -07:00
toddouska 4ba587b18a Merge branch 'master' of github.com:cyassl/cyassl 2014-04-01 12:06:48 -07:00
John Safranek 1f3bc9263d error to have v1 or v2 certificates with extensions 2014-03-28 11:25:05 -07:00
Moisés Guimarães bbc9c53b90 fix error include 2014-03-28 14:01:10 -03:00
Moisés Guimarães 6b9f711de0 DesSetKey refactoring to reduce stack usage:
--- buffer variable moved to the heap;
--- return type changed to int, returning 0 for success;
--- chain of dependency updated to propagate the error.
2014-03-28 12:59:39 -03:00
toddouska 05b132ce1c HMAC fips mode 2014-03-27 15:43:54 -07:00
toddouska 7dd265cf2e SHA384 fips mode 2014-03-27 14:37:37 -07:00
toddouska e873d7998b SHA512 fips mode 2014-03-27 14:03:12 -07:00
Chris Conlon 74a6916606 remove fips file stubs 2014-03-27 12:47:38 -06:00
Chris Conlon 62b8abafc5 fix variable shadow warning in asn.c 2014-03-26 23:43:44 -06:00
Chris Conlon 9d74775934 add fips file placeholders 2014-03-26 23:40:07 -06:00
toddouska 717f3adb47 fix item 9 from report by Ivan Fratric of the Google Security Team 2014-03-26 13:28:19 -07:00
toddouska d5be4c4663 SHA-256 fips mode 2014-03-25 17:11:15 -07:00
toddouska 18d178f325 add ShaFinal fips mode 2014-03-25 16:20:03 -07:00
toddouska b41186a6dd Merge branch 'master' of github.com:cyassl/cyassl 2014-03-25 16:02:12 -07:00
toddouska 3607db9077 add SHA1 fips mode 2014-03-25 16:01:17 -07:00
toddouska b6fc109c1d add ecc_ctx_reset() so user can reuse ctx w/o init/free 2014-03-25 12:48:25 -07:00
toddouska fb6d671629 resolve pull request merge conflict 2014-03-25 11:39:07 -07:00
toddouska 0ea10a4388 add 3DES fips mode 2014-03-24 13:37:52 -07:00
John Safranek e19e2a801d Ext Key Usage
1. Store reference to raw EKU OIDs in the DecodedCert.
2. Fixed usage of the anyEKU.
2014-03-21 09:37:10 -07:00
John Safranek 08ae775406 Merge branch 'master' of github.com:cyassl/cyassl 2014-03-21 09:34:08 -07:00
toddouska 98c6e3f3af have Base16 Decode on for FIPS tests 2014-03-20 11:38:14 -07:00
toddouska 8bc6bf9424 add lower case support to Base16 decode for better known answer test support, export 2014-03-20 10:31:52 -07:00
John Safranek 1e041abf04 decode Extended Key Usage extension 2014-03-20 10:07:47 -07:00
toddouska 58885b36eb add AesCbc fips mode 2014-03-19 16:43:52 -07:00
toddouska 388436c53e add AesSetKey fips mode 2014-03-19 13:56:11 -07:00
toddouska faecf7f849 require thread local storage for power on self thread check 2014-03-19 10:19:08 -07:00
toddouska be9451fbc5 rm --cached didn't work to stop tracking 2014-03-19 09:55:20 -07:00
toddouska 8bbc30f3e1 add fips enable switch 2014-03-19 09:43:57 -07:00
toddouska 90b08761c4 fix benchmark output with 3 decimals 2014-03-18 12:28:54 -07:00
John Safranek ac452eebdc in DecodeAltNames, skip unknown name types, don't treat as error 2014-03-18 09:24:07 -07:00
John Safranek bcd7f03495 X.509
1. Added stubs for the Extended Key Usage and Inhibit anyPolicy
   extensions.
2. Key Usage extension is decoded normally.
3. Certificate Policy extension is noted normally.
2014-03-14 15:48:33 -07:00
toddouska b56ecd1842 add enable-iopool , simple I/O pool example using memory overrides 2014-03-13 18:54:51 -07:00
John Safranek 4724c23a05 added critical extension error to error strings 2014-03-13 11:15:16 -07:00
John Safranek 1c35e5929a Merge branch 'master' of github.com:cyassl/cyassl 2014-03-12 15:41:40 -07:00
John Safranek dc14fafb2e reversed a change to clear a warning, replaced some tabs 2014-03-12 14:32:02 -07:00
John Safranek dcb39d5554 bug fixes 2014-03-12 05:50:37 -07:00
John Safranek 92c31d81f9 X.509 with unsupported critical extensions should be rejected 2014-03-11 11:50:45 -07:00
John Safranek 65475fdfe3 Merge branch 'PIC32MZ' of github.com:kojo1/cyassl-test into kojo1-PIC32MZ
Conflicts:
	ctaocrypt/benchmark/benchmark.c
2014-03-11 09:54:36 -07:00
John Safranek 6f55549fed fixes for Xcode 5.1, clang 503.0.38 stricter with some warnings 2014-03-11 09:38:36 -07:00
Takashi Kojo e02fa2c571 random.c, indentation 2014-03-11 13:53:37 +09:00
Takashi Kojo 5dbe391d92 sha256.c, mplabx/test_main.c 2014-03-11 13:43:24 +09:00
Takashi Kojo 6235c949b3 PIC32MZ 2014-03-11 11:32:16 +09:00
Takashi Kojo a9ca608030 Sync with CyaSSL master 2014-03-11 11:22:39 +09:00
Takashi Kojo 3e41d8cecb Merge branch 'PIC32MZ-HWCrypt'
Conflicts:
	configure.ac
	ctaocrypt/benchmark/benchmark.c
	ctaocrypt/src/asn.c
	ctaocrypt/src/coding.c
	ctaocrypt/src/des3.c
	ctaocrypt/src/md5.c
	ctaocrypt/src/random.c
	ctaocrypt/src/sha.c
	ctaocrypt/src/sha256.c
	cyassl/ctaocrypt/aes.h
	cyassl/ctaocrypt/settings.h
	cyassl/ssl.h
	cyassl/version.h
	examples/server/server.c
	m4/ax_debug.m4
	m4/ax_tls.m4
	mplabx/benchmark_main.c
	mplabx/ctaocrypt_test.X/nbproject/configurations.xml
	mplabx/test_main.c
	src/io.c
	src/ocsp.c
	src/ssl.c
	src/tls.c
	testsuite/testsuite.c
2014-03-11 10:11:36 +09:00
Takashi Kojo 8ea2eec773 Merge https://github.com/cyassl/cyassl 2014-03-11 09:55:57 +09:00
Takashi Kojo a12fe60723 Add AES-Counter to benchmark.c 2014-03-10 10:46:40 +09:00
Takashi Kojo e5a51ca516 PIC32MZ Crypt Engine 2014-03-04 22:10:19 +09:00
Takashi Kojo f5922255b0 Catching up 2.9.0 2014-03-04 22:09:38 +09:00
toddouska f1597c86b1 fix clang -Wconversion except -Wsign-conversion 2014-03-03 16:46:48 -08:00
toddouska 1fd6245600 fix all clang warnings except Wpadded (diagnostic), Wconversion which includes Wsign-conversion (implicit conversions part of standard) 2014-03-03 13:27:52 -08:00
John Safranek ec7c79c12e fix a couple more uninitialized variables 2014-03-02 18:38:12 -08:00
toddouska a50d2e1e21 fix -Wcast-align 2014-03-02 11:47:43 -08:00
toddouska f0f6497526 fix -Wconditional-uninitialized 2014-03-02 11:11:39 -08:00
toddouska 7b00374930 fix -Wmissing-variable-declarations 2014-03-02 11:06:41 -08:00
toddouska ac7cb3c8aa add -Wunreachable-code 2014-02-24 11:15:22 -08:00
toddouska 45859e97bf fix arm thumb mode assembly 2014-02-18 16:45:43 -08:00
Chris Conlon cf6eaf219a tyto build - add GenerateSeed, exclude ctype.h, test.h 2014-02-12 13:39:38 -07:00
John Safranek f1c2250652 fix static analysis warning, g++ compile warning 2014-02-07 14:52:44 -08:00
John Safranek f669e73c8d Merge branch 'master' of github.com:cyassl/cyassl 2014-02-03 14:49:38 -08:00
John Safranek 2758f40a09 For OCSP, when decoding X.509 Auth Info Access record, find the first
OCSP responder, rather than only looking at the first item.
2014-02-03 14:39:41 -08:00
Takashi Kojo 80cf1b20b3 Merge https://github.com/cyassl/cyassl
Conflicts:
	configure.ac
	ctaocrypt/src/asn.c
	cyassl/ctaocrypt/asn.h
	cyassl/ctaocrypt/settings.h
	src/internal.c
	src/io.c
2014-02-03 09:01:50 +09:00
toddouska 51b3b1cb6c fix pkCurveOID c files, doesn't require openssl extra 2014-02-01 12:14:41 -08:00
Moisés Guimarães de6a537896 exporting pkCurve info to ctx and ssl 2014-01-31 16:52:14 -03:00
Takashi Kojo 07af9913c3 LwIP native TCP 2014-01-31 08:49:39 +09:00
Takashi Kojo e28d256197 CyaSSL master, 2.8.6 2014-01-31 08:44:42 +09:00
John Safranek 12e9309618 fix Windows function name conflict 2014-01-28 12:30:01 -08:00
John Safranek 631cfbcf27 fix output size check bug 2014-01-28 11:57:49 -08:00
toddouska 2084e9869d fix pkcs7 leaks with normal math 2014-01-27 16:29:15 -08:00
toddouska e040e0ba7a fix scep 32 2014-01-27 12:50:29 -08:00
toddouska c0f9780c70 fix challenge pwd init bug 2014-01-24 14:08:14 -08:00
toddouska 21c9eb7b22 fix forgotten leading 0 on SetRsaPublicKey 2014-01-24 13:58:20 -08:00
toddouska 5945723d87 linux pkcs7 build fixes 2014-01-24 13:15:26 -08:00
John Safranek 1dac5d28e3 Allow PKCS7_VerifyDecodedData to have an empty set of SignerInfos. Save first certificate. 2014-01-24 12:14:53 -08:00
John Safranek 595fe0b445 Merge branch 'master' of github.com:cyassl/cyassl 2014-01-23 21:48:37 -08:00
toddouska 18365df209 add non block length test case, including test again, to aes ctr 2014-01-23 15:18:42 -08:00
Chris Conlon 43199cd573 PKCS7_DecodeEnvelopedData, only do ParseCert once in PKCS7_InitWithCert 2014-01-23 14:48:18 -07:00
toddouska 45c05ffd30 add non block size AesCtr support 2014-01-23 12:34:27 -08:00
John Safranek 0972fbbf9d PKCS7_VerifySignedMessage() decodes more of the
message and performs an RSA verify on it.
2014-01-23 11:24:50 -08:00
Chris Conlon 9f8dcccc61 PKCS7_DecodeEnvelopedData, RsaPrivateDecryptInline can return 0 upon error 2014-01-22 15:26:43 -07:00
John Safranek 38c2373c4f PKCS7_VerifySignedData() also saves pointer to signed data. 2014-01-21 22:11:21 -08:00
John Safranek 15f94b2f98 1. Resized sample PKCS7 signed data attribute.
2. Removed unnecessary PKCS7 signed data attribute.
2014-01-21 11:45:15 -08:00
John Safranek c35a635fd7 Added initial PKCS7_VerifySignedData(). Only saves
the first included certificate if available.
2014-01-20 15:52:41 -08:00
John Safranek 2187955fe9 Merge branch 'master' of github.com:cyassl/cyassl 2014-01-20 10:53:14 -08:00
John Safranek 28f3a2dc21 Added deallocator function for PKCS7 initializer data. 2014-01-20 10:51:26 -08:00
Chris Conlon ce7fe56de5 adjust next PKCS#7 envelopedData recipient check 2014-01-20 11:42:45 -07:00
John Safranek c4eb5642b1 1. Sign the PKCS#7 with a supplied private key, not
the single cert's public key.
2. Rename PKCS7 Envelope Data function as
   `PKCS7_EncodeEnvelopedData()`.
3. Encode signed data to check input parameters.
2014-01-17 14:07:40 -08:00
Chris Conlon e9b82d8174 place PKCS#7 IV in AlgoID optional params, resolve merge conflicts 2014-01-16 17:46:28 -07:00
Chris Conlon 366f42a91b remove NULL tag from block cipher AlgoId, IV there instead 2014-01-16 17:45:10 -07:00
John Safranek eb2e987a29 Split two PKCS7 tests into two functions. 2014-01-16 16:29:33 -08:00
John Safranek cf22e49117 Merge branch 'master' of github.com:cyassl/cyassl 2014-01-16 16:19:34 -08:00
John Safranek 264ce75041 1. Split SetTagged into SetExplicit and SetImplicit.
2. Updated code using SetTagged to use new functions.
2014-01-16 16:17:17 -08:00
Chris Conlon a75b95facc more comments to PKCS#7 files 2014-01-16 13:29:37 -07:00
Chris Conlon 590dde753a only store issuer into issuerRaw 2014-01-16 10:45:52 -07:00
John Safranek 36f78c5e1d 1. Bug fix for taking the size of something.
(Used wrong variable name.)
2. Renamed PKCS7 signed data test output file.
3. Added PKCS7 data test output files to gitignore.
2014-01-15 15:42:27 -08:00
John Safranek cd44227945 Cleaned up warnings when using sizeof() in math. 2014-01-15 14:25:15 -08:00
John Safranek 85c5c29e7a Merge branch 'master' of github.com:cyassl/cyassl
Conflicts:
	ctaocrypt/test/test.c
	cyassl/ctaocrypt/pkcs7.h
2014-01-15 13:23:26 -08:00
John Safranek c33a8a890e Added encoding PKCS#7 signed data messages. 2014-01-15 12:31:51 -08:00
Chris Conlon 46a03daf5f initial PKCS#7 crypto test 2014-01-15 11:05:18 -07:00
Chris Conlon 9f7e33e7e1 add PKCS7_DecodeEnvelopedData() 2014-01-14 22:57:55 -07:00
Chris Conlon d63c58864f expose more ASN.1 helper functions with CYASSL_LOCAL 2014-01-14 22:48:55 -07:00
Chris Conlon 80c19aaf33 add PKCS7 error codes 2014-01-14 22:46:54 -07:00
toddouska 3152c28650 add escape for 64encode + and = too 2014-01-14 09:36:21 -08:00
Chris Conlon f072d92ed8 Merge branch 'master' of github.com:cyassl/cyassl 2014-01-13 13:20:29 -07:00
Chris Conlon 69ffa3a481 add PKCS7_EncodeEnvelopeData() 2014-01-13 13:19:44 -07:00
toddouska bb6b2e86c6 add base64 encode with escaped line ending, keep existing api intact 2014-01-13 12:17:12 -08:00
John Safranek ef9cfc2172 Added method to encode PKCS7 data type messages. 2014-01-13 10:58:01 -08:00
Chris Conlon 71e13a3c3a expose ASN.1 helper fns, add blkType 2014-01-10 16:13:56 -07:00
Chris Conlon 1d67d9217e initial PKCS#7 stubs, tie into ./configure 2014-01-10 15:17:03 -07:00
John Safranek 4a975e8d00 SetRsaPublicKey() to support ASN.1 unsigned integers correctly. 2014-01-10 11:29:08 -08:00
John Safranek f9e73a8aeb Added setting the cert req challenge password. 2014-01-09 14:17:55 -08:00
John Safranek f545a33e77 Cert Req
1. Added support for the cert req attributes.
2. Added setting the Basic Constraints extension request.
3. Added error checking for the cert req attribs.
2014-01-08 16:26:42 -08:00
John Safranek 7b4cf370d0 In test: Cert req now signed by correct key. Removed loading of CA key. 2014-01-08 11:47:59 -08:00
John Safranek f0a7d94c48 Cert Request
1. Added setting the request's version.
2. Added certreq test code to the ctaocrypt test.
3. Added the certreq test outputs to gitignore.
2014-01-08 10:57:46 -08:00
John Safranek 4de6a6d902 Cert Request
1. Added function to make simple DER format cert reqs.
2. Added cert req type to DerToPem.
2014-01-07 17:25:46 -08:00
toddouska d6ad10f027 add USE_SLOW_SHA2 for sha384 and sha512, over twice as small code but over 50% slower too 2014-01-03 12:32:14 -08:00
toddouska 9d0e991e41 fix 32bit no asm combos 2014-01-02 16:58:54 -08:00
Chris Conlon 9f4ea7d059 update TYTO settings, FREESCALE_MMCAU AES check for NULL 2014-01-02 13:13:18 -07:00
Chris Conlon 64912b37f6 adjust key buffer length when using ToTraditional() or ToTraditionalEnc() 2013-12-23 14:07:58 -07:00
rofl0r a36c18c27f implement CyaSSL_ERR_reason_error_string
this has several advantages:
- we can provide a replacement for openssl's ERR_reason_error_string,
  which makes porting simpler,
- code shrink due to removal of excessive strcpy call
- all error strings are const anyway so there's no point to force the
  user to supply storage for them and copying them around.
2013-12-19 19:40:48 +01:00
Chris Conlon 8c8a1b0db8 add Freescale K60 mmCAU AES, DES, 3DES support 2013-12-17 16:29:21 -07:00
Chris Conlon c466fac597 add Freescale K60 mmCAU MD5, SHA, SHA256 support 2013-12-17 16:28:08 -07:00
toddouska ba95c33ed4 more clang warnings 2013-12-11 15:47:40 -08:00
toddouska b41d09b1a2 fix newer clang warnings 2013-12-11 12:03:09 -08:00
toddouska 276a9c871e eccfp warning fix 2013-12-06 08:58:06 -08:00
Takashi Kojo 1bcd61f134 Eliminating unused files 2013-11-28 09:05:33 +09:00
Takashi Kojo 9a67901081 Eliminate unused files 2013-11-28 00:16:49 +09:00
toddouska 6e7c9fb8de Merge branch 'master' of github.com:cyassl/cyassl 2013-11-20 17:07:33 -08:00
toddouska 8bf18d31c9 fix smartos warnings 2013-11-20 17:03:19 -08:00
Chris Conlon 2f7970ab65 add FREERTOS current_time() to benchmark.c 2013-11-20 17:03:58 -07:00
toddouska 864b25843e Merge branch 'master' of github.com:cyassl/cyassl 2013-11-20 15:13:14 -08:00
toddouska 10a3f8ead3 make cert names more consistent with str type that openssl uses 2013-11-20 15:12:33 -08:00
John Safranek 67b1b00a2c OCSP Nonces are not critical extensions. Allow a response to be missing the nonce. 2013-11-20 13:46:46 -08:00
toddouska c545202de0 don't allow inplace DerToPem, not supported 2013-11-20 13:17:39 -08:00
toddouska 7585e92fee allow cert signing w/o Cert object, buffer only 2013-11-19 16:56:49 -08:00
John Safranek 4377996d87 Saved original SKID and AKID from certificate for later use with X.509 functions. 2013-11-19 16:20:18 -08:00
John Safranek 0fd6aed9b6 Save more decoded data from certificate for later use with X.509 functions. 2013-11-19 14:44:55 -08:00
toddouska e92860bda7 ecc enc/dec offset init fix 2013-11-19 11:17:23 -08:00
toddouska d91e8ab38e add cert gen for ecc certs 2013-11-14 20:34:39 -08:00
toddouska a7bcca84c3 add ecdsa cert signing 2013-11-14 15:00:22 -08:00
toddouska cf4230b073 add ecc encrypt secure message exchange, hide ecEncCtx 2013-11-13 17:53:11 -08:00
toddouska 2e9e372875 Merge branch 'master' of github.com:cyassl/cyassl 2013-11-11 17:01:39 -08:00
toddouska 0ef44329ef add thread local storage to ecc fp cache, no locking required but cache is per thread, higher concurrent performance but more memory needed 2013-11-11 17:00:35 -08:00
Takashi Kojo b54b92bc2a benchmark.c conflicts resolved 2013-11-12 08:21:41 +09:00
Takashi Kojo 5a9140fd13 For PIC32MZ 2013-11-12 08:12:01 +09:00
Takashi Kojo 0048c20fe5 PIC32MZ RNG 2013-11-11 12:15:19 +09:00
Takashi Kojo 23cada35ba Catch up master 2013-11-10 21:06:34 +09:00
Takashi Kojo a4e61cbdbb For PIC32MZ 2013-11-10 20:42:21 +09:00
toddouska 3e072c8dda random.c missing settings include fix 2013-11-08 10:56:50 -08:00
toddouska c2f9064ae4 Merge branch 'master' of github.com:cyassl/cyassl 2013-11-07 16:00:34 -08:00
toddouska 554adff672 add basic ecc encrypt/decrypt 2013-11-07 15:59:31 -08:00
toddouska 7866d51ee9 fix benchmark pull changes 2013-11-07 11:00:56 -08:00
Takashi Kojo 16bda74536 For MDK5 Pack 2013-11-07 10:29:01 +09:00
Takashi Kojo f26cf50ff2 Merge branch 'master' of https://github.com/cyassl/cyassl into MDK5 2013-11-06 10:22:21 +09:00
John Safranek 913e200cd0 X.509 Additions:
* CyaSSL_X509_d2i()
* CyaSSL_X509_d2i_fp()
* CyaSSL_X509_version()
* CyaSSL_X509_get_notBefore()
* CyaSSL_X509_get_notAfter()
* CyaSSL_X509_STORE_new()
* CyaSSL_X509_STORE_free()
* CyaSSL_X509_STORE_add_cert()
* CyaSSL_X509_STORE_set_default_paths()
* CyaSSL_X509_get_pubkey()
* CyaSSL_EVP_PKEY_free()
* CyaSSL_X509_NAME_get_text_by_NID()
* CyaSSL_X509_NAME_entry_count()
* CyaSSL_X509_verify_cert()
* CyaSSL_X509_STORE_CTX_new()
* CyaSSL_X509_STORE_CTX_init()
* CyaSSL_X509_STORE_CTX_free()
2013-11-04 11:02:17 -08:00
toddouska 5e00d62ea3 add HMAC-KDF 2013-10-31 18:03:00 -07:00
toddouska c88d0d5739 fix mplab harmony random ifdef 2013-10-31 10:47:03 -07:00
toddouska cc323fb4cc ecc shamir requires bigger LUT in fp mode 2013-10-31 10:43:48 -07:00
toddouska 12b074fbe9 add worst case estimate to ecc_sign_size() 2013-10-30 13:33:23 -07:00
toddouska 3d19604bfb make sure to always check mp_to_*, normal math could fail 2013-10-29 17:38:12 -07:00
toddouska f402d7eed9 add ecc export private only 2013-10-29 16:44:33 -07:00
toddouska 071338bf39 fix fpecc normal math init/free issue 2013-10-28 13:17:33 -07:00
toddouska 9438d0d41b add Microchip MPLAB Harmony support 2013-10-28 11:03:50 -07:00
Takashi Kojo 849bbdefae Updates for MDK4 2013-10-26 17:18:18 +09:00
Takashi Kojo 33ccf62ff5 MDK5 support 2013-10-25 15:49:39 +09:00
Takashi Kojo 558735c862 port.[ch] for MDK5 2013-10-24 20:33:36 +09:00
Takashi Kojo 2f98233825 For MDK5 2013-10-24 18:50:26 +09:00
Takashi Kojo 3ed2085e77 ctaocrypt/{benchmark,src,test} files for MDK5 2013-10-24 17:20:12 +09:00
toddouska b45370a599 remove test output 2013-10-23 17:17:47 -07:00
toddouska c039b0106a add HC-128 Blake2b 256 cipher suite for speed test 2013-10-23 17:13:54 -07:00
John Safranek 8295d8bb4a 1. Reject DSA certificates instead of ignoring them.
2. Resolved potential crash when trying to calculate a Subject Key
   ID when the public key is missing from a certificate.
2013-10-16 10:16:04 -07:00
toddouska 0126a39d68 fix shamir speed up init buffer 2013-10-10 18:47:25 -07:00
John Safranek 33bcc76a07 Merge branch 'master' of github.com:cyassl/cyassl 2013-10-02 15:27:10 -07:00
Chris Conlon 3e12f43342 add CyaSSL_GetHmacMaxSize for JNI wrapper 2013-09-25 14:20:36 -06:00
Chris Conlon 17b220e9c7 add Freescale MQX time functionality 2013-09-24 20:12:48 -06:00
toddouska 363f157f50 fix sniffer build w/o fastmath 2013-09-23 13:37:04 -07:00
John Safranek 5e4ca53496 clean up Windows build issues with OCSP 2013-09-18 14:47:51 -07:00
John Safranek 49d3e74fde Fixed a Windows build warning in the benchmark 2013-09-17 22:15:59 -07:00
Chris Conlon ee78b108cf CTaoCrypt test mods for MQX 2013-09-16 15:48:36 -06:00
Chris Conlon abff02532d add Freescale K53 RNGB support 2013-09-16 14:43:33 -06:00
John Safranek e564b614bf Decode the serialNumber field in the X.509 names 2013-09-15 22:10:58 -07:00
John Safranek 49f82c4717 Added two more GMAC test cases 2013-09-12 14:10:57 -07:00
toddouska 74e7ba8536 fix Kojo-san pull errors 2013-09-11 10:07:33 -07:00
kojo 0869da34a0 Coldfire SEC 2013-09-11 17:06:28 +09:00
John Safranek 03d7c694e8 Merge branch 'master' of github.com:cyassl/cyassl 2013-09-10 16:49:40 -07:00
John Safranek d3db1a42de Added GMAC wrapper functions around AES-GCM 2013-09-10 16:47:39 -07:00
toddouska bab790ab87 add port.c to visual studio builds 2013-09-09 13:48:28 -07:00
John Safranek 0ae966b350 fix shadow warning 2013-09-08 17:46:29 -07:00
toddouska 44ba0af192 free fp ecc resources on cleanup 2013-09-06 17:08:57 -07:00
toddouska 6e05d4317f add proper locking to fp ecc 2013-09-06 16:53:33 -07:00
toddouska a14af5f0b0 move mutex to port layer at crypto level 2013-09-06 16:38:27 -07:00
toddouska 782cb0e077 Merge branch 'master' of github.com:cyassl/cyassl 2013-09-06 14:25:51 -07:00
toddouska 46be3b8508 add fixed point ecc cache, --enable-fpecc, add locking down to crypt level next 2013-09-06 14:24:31 -07:00
Moisés Guimarães d7a08b1a76 centralizing MAX_DIGEST_SIZE definition in hmac.h 2013-09-06 15:53:46 -03:00
John Safranek f2c75a9e87 ECDSA signatures need a zero padding for the ASN.1 storage of the R and S values 2013-09-05 15:00:01 -07:00
toddouska 08c9f61f16 add accelerated ecc_proj* and ECC SHAMIR to speed up ecdsa verify 2013-09-04 13:13:10 -07:00
toddouska e93a0640f1 break up huge math into individual parts so can add piece by piece, e.g., ECC256 2013-09-03 13:13:13 -07:00
John Safranek 0002ba4ee8 Merge branch 'master' of github.com:cyassl/cyassl 2013-08-23 10:12:17 -07:00
John Safranek d734c86c72 cleanup build warnings
1. Change `CyaSSL_OCSP_set_options()` to return `SSL_SUCCESS`
   or `SSL_FAILURE` as `int` like rest of API.
2. Fix data narrowing warning in file io.c function
   `process_http_response()`.
3. Fix global variable shadowed warning in file ssl.c function
   `CyaSSL_GetSessionAtIndex()`
4. Fix data narrowing warning in file internal.c functions
   `Encrypt()` and `Decrypt()`. Passed in a word32 size parameter
   that was provided a word16 and used as a word16.
5. Removed unreachable code from file tls.c function
   `CyaSSL_GetHmacType()`.
6. Fix data narrowing warnings in file aes.c functions
   `AesCcmEncrypt()` and `AesCcmDecrypt()`.
2013-08-23 10:09:35 -07:00
toddouska e98f5f95c2 add public key callbacks for ecc sign/verify, examples 2013-08-22 18:19:39 -07:00
toddouska 840e958ae5 add ecc verify to benchmark 2013-08-09 17:06:02 -07:00
toddouska 5c5cee0789 use external CYASSL_MAX_ERROR_SZ for buffer size 2013-08-06 11:48:00 -07:00
toddouska 505b1a8a67 fix ecc sign/hash truncation with odd bit sizes when hash length is longer than key size 2013-07-25 15:59:09 -07:00
John Safranek 43f320d5e2 SEP Extensions
1. Added configure option to enable SEP extensions.
2. Enabled KEEP_PEER_CERT for the SEP configuration.
3. Copy the Certificate Policy extension into the cert as the
   device type.
4. Copy an other type Alt Name extension into the cert as the
   hwType and hwSerialNumber, if the alt name has a
   hardwareModuleName OID.
2013-07-09 13:23:56 -07:00
toddouska 99b6c1d3c3 fix GCC warning 2013-07-09 09:57:55 -07:00
toddouska f9bf003718 allow NULL IVs for CBC mode, same as all zero IV 2013-07-08 11:52:00 -07:00
John Safranek b66cb11cb8 Fixed bug in DecodeAltNames() where idx wasn't advanced past the length. 2013-07-05 10:10:38 -07:00
John Safranek 0d0fc27e42 Fixed DecodeAuthKeyId fail case not returning. 2013-06-26 11:16:17 -07:00
John Safranek f3af0124e4 Fixed DecodeAltNames extension falling through to next case. 2013-06-25 13:37:43 -07:00
John Safranek 0c34ecb451 OCSP Updates
1. Add option to example server and client to check the OCSP responder.
2. Add option to example server and client to override the URL to use
   when checking the OCSP responder.
3. Copy the certificate serial number correctly into OCSP request.
   Add leading zero only if MS bit is set.
4. Fix responder address used when Auth Info extension is present.
5. Update EmbedOcspLookup callback to better handle the HTTP
   response and obtain the complete OCSP response.
2013-06-24 10:47:24 -07:00
John Safranek 42a0f3500f Update AES-GCM and AES-CCM to use AES-NI
1. Added the assembly functions to do AES-ECB.
2. Updated AesEncrypt and AesDecrypt to use the assembly functions
   if available.
3. Modified the AES-GCM and AES-CCM key setup functions to use the
   AES-NI key setup if available.
4. Added tests for the AES-ECB encrypt and decrypt.
5. Only include stdio.h for AES when DEBUG_AESNI is enabled
6. If using local key setup, skip using AES-NI for basic Encrypt
   and Decrypt.
2013-06-19 14:52:58 -07:00
toddouska 85d25798a5 update ntru cert expires dates, update crls while at it, don't turn on skid for crls since openssl/firefox don't use by default and cyassl needs crl extension parsing 2013-06-17 14:48:51 -07:00
toddouska 7f7c595d10 differentiate between THREADX and RTP_SYS 2013-06-14 13:45:25 -07:00
toddouska 9559f09028 warning fixes 2013-06-13 12:13:46 -07:00
toddouska ae84982777 add STACK_TRAP to track stack use on client, will segfault if exceed limit to see where use is too high, doesn't work with pthread_create() 2013-06-03 14:56:37 -07:00
toddouska b2ef938cbe fix CYASSL_MALLOC_CHECK hard tabs and extra function not needed 2013-05-29 11:18:16 -07:00
kojo 4b9c3d3512 Merge remote-tracking branch 'cyassl/master' into STM.LPC
Conflicts:
	IDE/MDK-ARM/MDK-ARM/CyaSSL/config-FS.h
	IDE/MDK-ARM/MDK-ARM/CyaSSL/config-RTX-TCP-FS.h
	IDE/MDK-ARM/MDK-ARM/CyaSSL/cyassl_MDK_ARM.c
	IDE/MDK-ARM/MDK-ARM/CyaSSL/cyassl_MDK_ARM.h
	IDE/MDK-ARM/MDK-ARM/CyaSSL/main.c
	IDE/MDK-ARM/MDK-ARM/CyaSSL/shell.c
	IDE/MDK-ARM/MDK-ARM/CyaSSL/ssl-dummy.c
	IDE/MDK-ARM/MDK-ARM/config/File_Config.c
	IDE/MDK-ARM/MDK-ARM/config/RTX_Conf_CM.c
	IDE/MDK-ARM/Projects/MDK-ARM-STM32F2xx.uvopt
	IDE/MDK-ARM/Projects/MDK-ARM-STM32F2xx.uvproj
	ctaocrypt/src/random.c
	src/internal.c
2013-05-26 09:27:06 +09:00
toddouska 8b90414f2a add POSITIVE_EXP_ONLY for fastmath stack reduction when positive exponents only 2013-05-23 15:55:22 -07:00
toddouska 8df0e43384 fix merge differences from this week 2013-05-22 15:50:13 -07:00
toddouska d2003bb8b7 merge in sni 2013-05-21 14:37:50 -07:00
kojo ff68942ce4 MDK-ARM ready for LCP/STM 2013-05-21 18:47:54 +09:00
kojo 082f5643ed OK for LCP43xx project 2013-05-21 17:13:12 +09:00
kojo da342ea079 initial attempt for MDK-ARM/LPC43xx: 2013-05-21 09:39:09 +09:00
takashikojo 55763ef318 Commit 2.6.2 2013-05-19 10:02:13 +09:00
toddouska 8f5e98486f fix MPLAB X windows warnings 2013-05-17 11:13:47 -07:00
Chris Conlon a4c6ed0dda add support for Microchip TCP/IP 6.0 beta 2013-05-17 10:59:18 -06:00
toddouska cfdfa7b2b3 pull in Kojo MDK-ARM projects, changes 2013-05-16 09:47:27 -07:00
Chris Conlon 091c7a7ef3 separate STM32F2 hardware hash support, disable by default 2013-05-15 10:48:35 -06:00
toddouska 32705fb380 make sure pwdbased w/o fastmath works like fastmath define wise 2013-05-10 11:00:37 -07:00
toddouska a0c630b4ee add cert cache persistence 2013-05-02 11:34:26 -07:00
John Safranek d2d25b9b83 refine the SKID/AKID support 2013-04-29 17:09:15 -07:00
John Safranek 87048698e5 use subject key id and authentication key id to ID CA certs in the signers list instead of subject name hashes. 2013-04-29 12:08:16 -07:00
toddouska 05dd84598b turn CA signer list into CA signer hash table, defaults CA_TABLE_SIZE to 11 2013-04-25 15:36:33 -07:00
John Safranek 8e5532eb42 Merge branch 'master' of github.com:cyassl/cyassl 2013-04-24 10:37:55 -07:00
John Safranek c27ebe546d find the subject id and authority subject id extensions when decoding a certificate 2013-04-24 10:37:11 -07:00
toddouska 24ec09ef7a change big int cast in comparison after 64/128 changes 2013-04-19 13:49:26 -07:00
toddouska 71a1abebf5 break up sig confirm errors into no sig, crl, and ocsp specific 2013-04-18 08:38:28 -07:00
toddouska b806ca3c2f help compiler with fp_div cast to 32bit 2013-04-16 15:29:03 -07:00
John Safranek d279695314 changed ENDIAN_* to *_ENDIAN_ORDER 2013-04-16 12:12:49 -07:00
John Safranek a74ac2b22c added case to DerToPem() to add EC header and footer to the PEM output 2013-04-11 14:03:18 -07:00
toddouska a2bd6e786d fix leanpsk NO_SHA build 2013-04-10 12:42:51 -07:00
toddouska f535e5428e make sure all tests/examples *.c use settings.h correctly 2013-04-10 12:17:23 -07:00
toddouska 97e0ec073f make sure all lib proper *.c files have config.h then settings.h then checks for defines in case user using settings.h for lib config 2013-04-10 11:04:29 -07:00
Chris Conlon 27d6c727e0 add MICROCHIP_TCPIP 2013-04-10 09:16:11 -06:00
John Safranek 0edc19feb2 converting DerToPem, readjust output buffer size to account for size of header and footer when calling Base64_Encode 2013-04-09 19:03:21 -07:00
Chris Conlon eeb8cdccde s_fp_sub() bug fix 2013-04-05 13:44:53 -06:00
John Safranek 7004b2eafc certs still use SHA hash for names 2013-04-01 13:49:21 -07:00
John Safranek 30553a43ed when disabling arc4, ignores contents of arc4.c 2013-04-01 13:42:41 -07:00
toddouska 6d8246e98c fix scan-build 272 warnings 2013-03-27 12:32:22 -07:00
toddouska 7d82bec7fc do rabbit/hc128 alignment at crypto layer for non intel 2013-03-26 18:16:15 -07:00
toddouska 14b4bb3b0f change rabbit and hc128 to return values for key and process, will add error rets for alignment issues 2013-03-26 14:42:09 -07:00
toddouska f601b7bfda move aesni cbc encrypt align check down to crypto layer 2013-03-26 14:13:01 -07:00
toddouska 6bc7ba1592 change AesCBC end/dec to return status, will add failure cases with align checks 2013-03-26 12:36:39 -07:00
toddouska 72926b1eed make sure blake2 calls denote it's the 'b' version, blake2b 2013-03-25 11:35:33 -07:00
toddouska cb311e5708 explain C aesni asm naming fix in code too 2013-03-24 12:59:30 -07:00
toddouska 8a924244c5 change aesni asm function name to explicit asm for ABI underscore conflicts with clang/gcc differences 2013-03-24 12:53:35 -07:00
toddouska 80e3c85737 change inline assembly to more generic condition code in clobber list, clang likes it better this way 2013-03-24 11:09:58 -07:00
toddouska d33f180760 blake2 32bit build warning fix 2013-03-23 12:02:14 -07:00
toddouska d7c01be8bb blake2 ctc api, test vecs 2013-03-22 13:30:44 -07:00
toddouska d8b85da693 remove c++ comments, switch to c 2013-03-22 12:10:53 -07:00
toddouska d6deb690e6 Merge branch 'master' into blake2 2013-03-22 10:20:01 -07:00
toddouska 7d7a72f2a6 add hmac sha512 2013-03-20 12:26:55 -07:00
John Safranek 02581a3da2 added control of compress memory usage via build setting 2013-03-20 11:28:45 -07:00
John Safranek 615f652bd0 filled out our Compress and DeCompress functions, updated the test case 2013-03-20 09:58:31 -07:00
John Safranek fc928e7725 added stubs and a test for ctaocrypt compress 2013-03-19 16:25:58 -07:00
toddouska 6ba7743fb3 fix fastmath no asm casts to shorter sizes 2013-03-15 15:11:21 -07:00
Chris Conlon e12f947c4f fix TRUE/FALSE clash in asn.c 2013-03-15 11:50:45 -06:00
toddouska 2d9ed696c6 fix USER_TIME casts 2013-03-14 10:51:06 -07:00
toddouska 2dfec3c6f1 add CYASSL prefix to WORD/BIT enums 2013-03-13 16:49:20 -07:00
toddouska a4c8d0e76c make sure no asn doesn't build big int 2013-03-12 15:14:03 -07:00
toddouska 4774f1b285 add --enable-coding, build, leanpsk check 2013-03-12 13:12:10 -07:00
toddouska f232ff84b4 add --enable-pwdbased and build, opensslextra needs 2013-03-11 17:01:05 -07:00
toddouska 49e62f0858 fix general NO_SHA NO_ASN NO_CERTS NO_SESSION_CACHE builds/examples 2013-03-11 16:07:46 -07:00
toddouska 85b3346bbf NO_RSA build, cipher suite tests need work for this build option, ssn2 2013-03-07 17:44:40 -08:00
toddouska 2667b8b542 fix base64 decode white space loop 2013-03-04 11:36:07 -08:00
toddouska 98e766e770 our type changes 2013-02-28 17:51:35 -08:00
toddouska e947c86e67 add license, bring up to date 2013-02-22 15:52:20 -08:00
toddouska 48303918c2 Merge branch 'master' into blake2 2013-02-22 15:22:02 -08:00
toddouska f4082f83e5 sb fixes for certgen + keygen 2013-02-20 15:45:10 -08:00
toddouska b2b45d3f4a sb fixes for crl and ocsp 2013-02-20 15:26:22 -08:00
toddouska 04d0c581b1 set output test size to real size, no strlen, make sure input strlens don't have 0x00 2013-02-19 16:16:40 -08:00
toddouska 07baa27b20 fix scan build for fastmath, dtls, ecc, psk, sha512 2013-02-19 12:53:58 -08:00
toddouska 9ea3371079 2nd round scan build 2013-02-14 16:00:45 -08:00
toddouska 62ef5de25c scan build fixes 2013-02-14 14:09:41 -08:00
toddouska 44e0d7543c change copyright name with name change 2013-02-05 12:44:17 -08:00
toddouska f4f13371f9 update copyright date 2013-02-04 14:51:41 -08:00
Todd Ouska 24e22d4b6e add cavium notes and free ssl cavium ciphers 2013-02-01 16:26:42 -08:00
Todd Ouska 44b6593fe5 add cavium ciphers to SSL, and example client 2013-02-01 12:21:38 -08:00
Todd Ouska 01703281cc add cavium RSA to ctaocrypt 2013-01-31 15:55:29 -08:00
Chris Conlon 5d29bf1e49 add MPLAB X projects, PIC32 GenerateSeed() 2013-01-30 18:02:18 -07:00
Chris Conlon b3ffcbd5b4 fix DH key size output in benchmark 2013-01-30 16:54:43 -07:00